GHOST GLIBC LIBRARY VULNERABILITY – Redhat

More heartbreaking news for Linux administrators and users: a serious vulnerability has been discovered in the Linux glibc library and named “GHOST”. The GNU C Library (glibc) is an implementation of the standard C library and a core part of the Linux operating system. This vulnerability allows attackers to take complete control of the system without knowing the system credentials. It has been assigned CVE-2015-0235 in the National Vulnerability Database (NVD). The bug was discovered by Qualys security researchers.

GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() functions in the glibc library. It allows a remote attacker who is able to make an application call either of these functions to execute arbitrary code with the permissions of the user running the application.

The first vulnerable version of the GNU C Library is glibc-2.2, released on November 10, 2000. Qualys security researchers identified a number of factors that mitigate the impact of this bug. In particular, they discovered that it was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18). Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04.
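
The upstream range above can be turned into a first-pass check on a host. This is an added example, not code from Qualys or the glibc project; `ghost_classify` and the `ghost_status` names are hypothetical, and it compares only the upstream version number, so a distribution build with a backported fix still reports a version inside the range.

```c
/* Added example: first-pass GHOST (CVE-2015-0235) check by glibc version.
 * Range from the text: first vulnerable 2.2, fixed between 2.17 and 2.18. */
#include <stdio.h>
#ifdef __GLIBC__
#include <gnu/libc-version.h>   /* gnu_get_libc_version() */
#endif

enum ghost_status {
    GHOST_UNPARSEABLE   = -1,   /* not a "major.minor" version string */
    GHOST_OUTSIDE_RANGE = 0,    /* older than 2.2, or 2.18 and newer */
    GHOST_IN_RANGE      = 1     /* 2.2 .. 2.17: verify vendor patch level */
};

/* Hypothetical helper: accepts "2.17", "2.12.1", "2.19-18" and similar. */
enum ghost_status ghost_classify(const char *ver)
{
    int major = 0, minor = 0;

    if (ver == NULL || sscanf(ver, "%d.%d", &major, &minor) != 2)
        return GHOST_UNPARSEABLE;
    if (major < 0 || minor < 0)
        return GHOST_UNPARSEABLE;
    if (major != 2)
        return GHOST_OUTSIDE_RANGE;
    return (minor >= 2 && minor <= 17) ? GHOST_IN_RANGE : GHOST_OUTSIDE_RANGE;
}

int main(void)
{
#ifdef __GLIBC__
    const char *ver = gnu_get_libc_version();
#else
    const char *ver = NULL;     /* not linked against glibc */
#endif
    switch (ghost_classify(ver)) {
    case GHOST_IN_RANGE:
        printf("glibc %s: inside the upstream vulnerable range; "
               "check whether the vendor build carries the fix\n", ver);
        return 1;
    case GHOST_OUTSIDE_RANGE:
        printf("glibc %s: outside the upstream vulnerable range\n", ver);
        return 0;
    default:
        printf("could not determine a glibc version\n");
        return 2;
    }
}
```

On an in-range result, confirm the patch state from the vendor package itself, for example with `rpm -q --changelog glibc | grep CVE-2015-0235` on Red Hat and CentOS systems.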